AWS DevOps Blog

Tag: Security

Manage roles and entitlements with PBAC using Amazon Verified Permissions

Traditionally, customers have used role-based access control (RBAC) to manage entitlements within their applications. The application controls what users can do, based on the roles they are assigned. But the drive for least privilege has led to an exponential growth in the number of roles. Customers can address this role explosion by moving authorization logic […]

Secure CDK deployments with IAM permission boundaries

The AWS Cloud Development Kit (CDK) accelerates cloud development by allowing developers to use common programming languages when modelling their applications. To take advantage of this speed, developers need to operate in an environment where permissions and security controls don’t slow things down, and in a tightly controlled environment this is not always the case. […]

Manage application security and compliance with the AWS Cloud Development Kit and cdk-nag

Infrastructure as Code (IaC) is an important part of Cloud Applications. Developers rely on various Static Application Security Testing (SAST) tools to identify security/compliance issues and mitigate these issues early on, before releasing their applications to production. Additionally, SAST tools often provide reporting mechanisms that can help developers verify compliance during security reviews. cdk-nag integrates […]

Detect Python and Java code security vulnerabilities with Amazon CodeGuru Reviewer

With Aaron Friedman (Principal PM-T for xGuru services)

Amazon CodeGuru is a developer tool that uses machine learning and automated reasoning to catch hard-to-find defects and security vulnerabilities in application code. The purpose of this blog is to show how new CodeGuru Reviewer features help improve the security posture of your Python applications […]

Building an end-to-end Kubernetes-based DevSecOps software factory on AWS

DevSecOps software factory implementation can significantly vary depending on the application, infrastructure, architecture, and the services and tools used. In a previous post, I provided an end-to-end DevSecOps pipeline for a three-tier web application deployed with AWS Elastic Beanstalk. The pipeline used cloud-native services along with a few open-source security tools. This solution is similar, […]

Choosing a Well-Architected CI/CD approach: Open-source software and AWS Services

Take a Well-Architected approach to make an informed decision when choosing to implement CI/CD using open-source tools on AWS services, using managed AWS services, or a combination of both.

We will look at key considerations for evaluating open-source software and AWS Services, using the perspectives of a startup company and a mature company as examples. These will give you two very different points of view that you can compare to your own organization. To make this investigation easier, we will use Continuous Integration (CI) and Continuous Delivery (CD) capabilities as the target of our investigation.

In our next two blog posts we will follow two AWS customers, Iponweb and BigHat Biosciences, as they share their CI/CD journeys, their perspective, the decisions they made, and why.

To end the series, we will explore an example reference architecture showing the benefits AWS provides regardless of your emphasis on open source tools or managed AWS services.

Continuous Compliance Workflow for Infrastructure as Code: Part 1

Security and compliance standards are of paramount importance for organizations in many industries. There is a growing need to seamlessly integrate these standards in an application release cycle. From a DevOps standpoint, an application can be subject to these standards during two phases: Pre-deployment – Standards are enforced in an application deployment pipeline prior to […]

Tightening application security with Amazon CodeGuru

Amazon CodeGuru is a developer tool that provides intelligent recommendations for improving code quality and identifies an application’s most expensive lines of code. To help you find and remediate potential security issues in your code, Amazon CodeGuru Reviewer now includes an expanded set of security detectors. In this post, we discuss the new types of […]

Securing Amazon EKS workloads with Atlassian Bitbucket and Snyk

This post was contributed by James Bland, Sr. Partner Solutions Architect, AWS, Jay Yeras, Head of Cloud and Cloud Native Solution Architecture, Snyk, and Venkat Subramanian, Group Product Manager, Bitbucket

One of our goals at Atlassian is to make the software delivery and development process easier. This post explains how you can set up […]